Home » System Center Operations Manager 2007 » Audit Collection and Gateway Server


Welcome to contoso.se! My name is Anders Bengtsson and this is my blog about Azure infrastructure and system management. I am a senior engineer in the FastTrack for Azure team, part of Azure Engineering, at Microsoft.  Contoso.se has two main purposes, first as a platform to share information with the community and the second as a notebook for myself.

Everything you read here is my own personal opinion and any code is provided "AS-IS" with no warranties.

Anders Bengtsson

MVP awarded 2007,2008,2009,2010

My Books
Service Manager Unleashed
Service Manager Unleashed
Orchestrator Unleashed
Orchestrator 2012 Unleashed
Inside the Microsoft Operations Management Suite

Audit Collection and Gateway Server

There is a lot of questions regarding ACS and gateway server. Microsoft Audit Connection Service (ACS) is a new function in Ops Mgr that can collect logs from machines. All logs are saved in a special Audit Collection database. You can then run reports against the database to see trends and do security analyzes. You can also for example trace a user activity over many systems. Gateway server is a server service that allow Ops Mgr to monitor machine within non-trusted domains or in workgroups, without lower the security.

I did some tests today about ACS and gateway servers. In my test I had regular Windows Server 2003 domain with Ops Mgr installed, I also had a Windows Server 2008 machine running in another domain that I wanted to monitor. Normal agent installation did not work as there is no firest trust between my domains and the 2008 domain is running Windows Server 2008 Functional Level. Is is no problem installing the agent on a Windows server 2008 machine that are in the same domain as Ops Mgr.I installed a Windows Server 2003 as a gateway (GTW) server and then I manually installed the agent on my Windows server 2008 machine. After that I enable audit collection from operations manager console. During the ACS enable wizard you must do a override and speciy a ACS collector, else the agent will try to forward all events to the gateway server.



Summary: There is no problem with ACS in a gateway scenario like this. Just remeber to direct your ACS forwarder (the agent) to send its event data to a ACS collector. One of the news in Ops Mgr SP1 is that ACS is now supported on the Management and Gateway server roles.

1 Comment

Comments are closed.